iSelfSchooling.com - Copyright © 1999-2009  References  |  Job Openings  | Login (Staff | Members)
    Home  | Search more...  | Community of Sharing Knowledge (with FREE Online Video Training)
    Oracle Syntax  | Suggestions  | Private Tutoring  | Member Collaboration  | Get Translations...

  Copyright & User Agreement

    Email2aFriend  | Homepage us! |  Bookmark

Services

 Vision/Mission

 Services

 Biography

 Contact Us

 

 FREE Training

 SQL

 PL/SQL

 Forms 

 Reports

 Other TOOLS

 Fundamentals

 Performance

 OEM

 Application Server

 Grid Control

 Articles

 Prepare for OCP

 

More to know...

Acknowledgement___

 Who is who

 University Directory

 Links...

 

 

 

 

FREE Online Oracle Training for beginners and advanced - The most comprehensive Oracle tutorial

The authors do not guarantee or take any responsibility for the accuracy, or completeness of the information.

BASICS

SQL | PL/SQL

DEVELOPERS

FORMS 2 | REPORTS | Other TOOLS

DBAs

FUNDAMENTALS 2 | PERFORMANCE | OEM

ADVANCE

APPLICATION SERVER | GRID CONTROL | ARTICLES 2 3 4

Advanced - Application Server

Lesson 01 | Lesson 02 | Lesson 03 | Lesson 04 | Lesson 05 | Lesson 06 | Lesson 07 | Lesson 08 | Lesson 09 | Lesson 10 | Lesson 11 | Lesson 12 | Lesson 13 | Lesson 14 | Lesson 15 | Lesson 16 | Lesson 17 | Lesson 18 | Lesson 19 | Lesson 20 | Lesson 21 | Lesson 22 | Lesson 23 | Lesson 24 | Lesson 25 | Lesson 26 | Lesson 27 | Lesson 28 | Lesson 29 | Lesson 30 | Lesson 31 | Lesson 32 | Lesson 33 | Lesson 34 | Lesson 35 |

Lesson 17

‘Whenever I see an erring man, I say to myself I have also erred; when I see a lustful man I say to myself, so was I once; and in this way I feel kinship with everyone in the world and feel that I cannot be happy without the humblest of us being happy.’ Gandhi

How to manage OID Credentials (Managing OID Credentials)

LESSON17

 

Keep this in mind that “UserPassword” is the attribute of a user entry that stores user password and “orclCryptoSchema” is the attribute that stores the user password-hasshing schema in the root DSE entry.

 

Let see how password verification works.

As we mentioned that Oracle components store the password of the user in the OID server. The following are steps involved in password verification:

-         The user tries to log in to an application by entering a username and a clear text password.

-         The application sends the clear text password to the directory server. If the application stores password verifiers in the directory, then the application requests the directory server to compare this password value with the corresponding one in the directory.

-         The directory server generates a password verifier by using the hashing algorithm specified for that particular application. It compares this password verifier with the corresponding password verifiers in the directory. It then notifies the application of the results of the compare operation. For the compare operation to be successful, the application must provide its appID as the subtype of the verifier attribute.

-         Depending on the message from the directory server, the application either authenticates the user or not.

 

It is a good practice to modify the default password policy that the attribute Password Maximum Failure (pwdmaxfailure) value be not greater than 3.

 

To modify the attribute Password maximum Failure (pwdmaxfailure), start the ODM if not already started, and then connect as orcladmin. Expand the Password Policy Management node and select the Password Policy for Realm for example the dc=iselfschooling,dc=com node.

 

Click the Account Lockout tab, when the password policy properties are displayed in the right pane. Then change the value and click the Apply button to save the changes.

 

 
 
Google
 
Web web site